Webmin-alike cgi script and security
Dave Swegen
dswegen at software.plasmon.com
Mon Jul 22 10:13:18 EDT 2002
On Mon, Jul 22, 2002 at 06:08:26PM +0400, Denis S. Otkidach wrote:
> On Mon, 22 Jul 2002, Dave Swegen wrote:
>
> DS> The scripts themselves are run as the default webserver
> DS> user, and take
> DS> care of stuff like authentication and basic sanity checking.
> DS>
> DS> If all input checks out an external script is called using
> DS> sudo to gain
> DS> root privs. Any data that should be provided is pickled and
>
> Adding webserver default user to sudoers is a bad thing anyway.
> It's better to use suexec with unique user, that will be used for
> this script only.
Thanks, this is exactly the sort of info I'm looking for.
Cheers
Dave
More information about the Python-list
mailing list